I misunderstood pause. need sleep.

for galera to work.

ansible.cfg

@@ -1,2 +1,2 @@
 [defaults]
-inventory = merlin
+hostfile = hosts

generate_secrets.py

@@ -5,7 +5,6 @@ Open the secrets.yml and replace all passwords.
 Original is backed up.
 """
 
-from os import path
 import random
 import string
 from subprocess import call
@@ -28,7 +27,6 @@ for key, value in data.iteritems():
         for _ in range(pass_length))
 
 # Make numbered backups of the secrets file.
-if path.isfile('secrets.yml'):
 call(['cp', '--backup=numbered', 'secrets.yml', 'secrets.yml.bak'])
 
 with open('secrets.yml', 'w') as f:

heat.yml

@@ -1,9 +0,0 @@
----
-- hosts: all
-  name: Dummy to gather facts
-  tasks: []
-
-- hosts: heat
-  become: True
-  roles:
-     - heat

hosts

@@ -1,9 +1,5 @@
-# A demo cluster of three nodes.
-
 [databases]
-openstack01-node01
 openstack01-node02
-openstack01-node03
 
 [keystone]
 openstack01-node03
@@ -19,9 +15,24 @@ openstack01-node01
 openstack01-node02
 openstack01-node03
 
+#[cassandra]
+#openstack01-node[01:03]
+
+#openstack01-node01
+#
+#[next_cassandra]
+#openstack01-node02
+#openstack01-node03
+
 [memcached]
 openstack01-node03
 
+#[first_cassandra:vars]
+#run_options=""
+#
+#[next_cassandra:vars]
+#run_options="-e CASSANDRA_SEEDS=172.23.41.1"
+
 [neutron-controller]
 openstack01-node01 physical_interface_mappings=provider:ens192
 
@@ -35,4 +46,4 @@ openstack01-node03
 openstack01-node01 storage_volume=/dev/loop0
 
 [nova-compute]
-openstack01-node04 physical_interface_mappings=provider:enp4s0f0
+openstack01-node04 physical_interface_mappings=provider:dummy0

merlin

@@ -1,37 +0,0 @@
-[nova-compute]
-merlin-managementnode002 physical_interface_mappings=eno3
-merlin-managementnode003 physical_interface_mappings=eno3
-merlin-node001 physical_interface_mappings=eno3
-merlin-node003 physical_interface_mappings=eno3
-merlin-node004 physical_interface_mappings=eno3
-
-[databases]
-merlin-managementnode001
-merlin-managementnode002
-merlin-managementnode003
-
-[rabbitmq]
-merlin-managementnode001
-merlin-managementnode002
-merlin-managementnode003
-
-[horizon]
-merlin-managementnode001
-
-[memcached]
-merlin-managementnode001
-
-[nova-controller]
-merlin-managementnode001
-
-[keystone]
-merlin-managementnode001
-
-[neutron-controller]
-merlin-managementnode001 physical_interface_mappings=eno3
-
-[heat]
-merlin-managementnode001
-
-[glance-controller]
-merlin-managementnode001

meta/main.yml

@@ -1 +0,0 @@
----

nuke.yml

@@ -1,15 +0,0 @@
----
-- hosts: all
-  name: Dummy to gather facts
-  tasks:
-    - name: Stop docker service
-      systemd:
-        name: docker
-        state: stopped
-    - name: remove volumes
-      shell: "rm -rf /srv"
-
-- hosts: cinder-storage
-  tasks:
-    - name: wipe cinder storage.
-      shell: "dd if=/dev/zero of={{ storage_volume }} bs=1M count=1 && sync"

os-test

@@ -1,37 +0,0 @@
-# An all in one
-
-[databases]
-os-test
-
-[keystone]
-os-test
-
-[glance-controller]
-os-test
-
-[horizon]
-os-test
-
-[rabbitmq]
-os-test
-
-[memcached]
-os-test
-
-[neutron-controller]
-os-test physical_interface_mappings=provider:enp4s0f0
-
-[nova-controller]
-os-test
-
-[cinder-controller]
-os-test
-
-[cinder-storage]
-os-test storage_volume=/dev/sdb
-
-[nova-compute]
-os-test physical_interface_mappings=provider:enp4s0f0
-
-[all:vars]
-listen_ip=129.125.60.194

post-install.yml

@@ -19,7 +19,7 @@
         - >
             openstack subnet create --network provider
             --allocation-pool start={{ allocation_pool['start'] }},end={{ allocation_pool['end'] }}
-            --dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} providersub
+            --dns-nameserver {{ dns_nameserver }} --gateway {{ gateway }} --subnet-range {{ subnet_range }} provider
         - openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
         - openstack keypair create --public-key /root/id_rsa.pub adminkey
 

roles/cinder-storage/tasks/main.yml

@@ -4,7 +4,6 @@
   include_vars:
     file: ../../secrets.yml
     name: secrets
-  tags: vars
 
 - set_fact:
     docker_image: registry.webhosting.rug.nl/hpc/openstack-cinder-storage:latest
@@ -21,7 +20,6 @@
         -e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
         -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
         -e "RABBIT_USER=openstack"
-  tags: vars
 
 - name: pull docker image
   docker_image:
@@ -54,10 +52,8 @@
     mode: 644
     owner: root
     group: root
-  tags: systemd
 
 - command: systemctl daemon-reload
-  tags: systemd
 
 - name: start service at boot.
   command: systemctl reenable cinder-storage.service

roles/cinder-storage/templates/cinder-storage.service

@@ -11,13 +11,9 @@ ExecStartPre=-/usr/bin/docker rm %n
 ExecStart=/usr/bin/docker run --name %n \
   --privileged \
   {{ env_vars | replace('\n', '') }} \
-  -v "/dev/cinder-volumes/":/dev/cinder-volumes \
   -v /srv/cinder-storage/root:/root \
   -v "{{ storage_volume }}":/dev/cinder_storage_volume \
-  -v "/dev/lvm":/dev/lvm \
-  -v "/srv/cinder-storage/volumes/:/var/lib/cinder/volumes/" \
   -p 8777:8776 \
-  -p 3260:3260 \
   {{ docker_image }}
 
 [Install]

roles/common/tasks/docker.yml

@@ -13,8 +13,3 @@
   with_items:
      - docker-engine
      - python-docker
-
-- name: make sure service is started
-  systemd:
-    name: docker.service
-    state: started

roles/heat/tasks/main.yml

@@ -1,62 +0,0 @@
-# Build and install a docker image for heat.
----
-- name: include secrets
-  include_vars:
-    file: ../../secrets.yml
-    name: secrets
-
-- set_fact:
-    docker_image: registry.webhosting.rug.nl/hpc/openstack-heat:latest
-    env_vars: >
-        -e "HEAT_HOST={{ listen_ip | default(hostvars[groups['heat'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "HEAT_PASSWORD={{ secrets['HEAT_PASSWORD'] }}"
-        -e "HEAT_USER=heat"
-        -e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-        -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
-        -e "RABBIT_HOST={{ listen_ip | default(hostvars[groups['rabbitmq'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "RABBIT_PASSWORD={{ secrets['RABBIT_PASSWORD'] }}"
-        -e "RABBIT_USER=openstack"
-
-- name: pull docker image
-  docker_image:
-    name: "{{ docker_image }}"
-  tags: pull
-
-- name: Make build and persistent directories
-  file:
-    path: "{{ item }}"
-    state: directory
-    mode: 0777
-  with_items:
-      - /srv/heat
-      - /srv/heat/root
-
-- name: install service file.
-  template:
-    src: templates/heat.service
-    dest: /etc/systemd/system/heat.service
-    mode: 644
-    owner: root
-    group: root
-
-- name: start service at boot.
-  command: systemctl reenable heat.service
-
-- command: systemctl daemon-reload
-
-- name: Initialize database.
-  command: >
-             /usr/bin/docker run --rm
-             {{ env_vars }}
-             --add-host=keystone:{{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
-             -v /srv/heat/root:/root \
-             {{ docker_image }} /etc/bootstrap.sh
-  tags: bootstrap
-
-- name: make sure service is started
-  systemd:
-    name: heat.service
-    state: restarted

roles/heat/templates/heat.service

@@ -1,19 +0,0 @@
-[Unit]
-Description=Openstack heat Container
-After=docker.service
-Requires=docker.service
-
-[Service]
-TimeoutStartSec=0
-Restart=always
-ExecStartPre=-/usr/bin/docker kill %n
-ExecStartPre=-/usr/bin/docker rm %n
-ExecStart=/usr/bin/docker run --name %n \
-  {{ env_vars | replace('\n', '') }} \
-  -v /srv/heat/root:/root \
-  -p 8000:8000 \
-  -p 8004:8004 \
-  {{ docker_image }}
-
-[Install]
-WantedBy=multi-user.target

roles/keystone/tasks/main.yml

@@ -86,19 +86,11 @@
              -e "OS_PASSWORD={{ secrets['OS_PASSWORD'] }}"
              {{ docker_image }} bash /etc/bootstrap.sh
 
-
-- name: install openstack repo on host.
-  command: >
-      echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list &&
-      apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
-  tags: openstackclient
-
 - name: install openstack client for management
   apt:
     name: python-openstackclient
     state: latest
     update_cache: yes
-  tags: openstackclient
 
 - name: source admin-openrc.sh in root .bashrc
   lineinfile:

roles/nova-compute/tasks/main.yml

@@ -4,11 +4,10 @@
   include_vars:
     file: ../../secrets.yml
     name: secrets
-  tags: vars
 
 - set_fact:
     docker_image: registry.webhosting.rug.nl/hpc/openstack-nova-compute:latest
-  tags: vars
+  tags: facts
 
 - name: pull docker image
   docker_image:
@@ -23,13 +22,11 @@
     mode: 644
     owner: root
     group: root
-  tags: systemd
 
 - command: systemctl daemon-reload
-  tags: systemd
 
 - apt:
-    name: "{{ item }}"
+    name: '{{ item }}'
   with_items:
       - kvm
       - libvirt0
@@ -45,5 +42,5 @@
   command: systemctl reenable nova-compute.service
 
 - name: let nova controler discover new host
-  shell: "sleep 10 && docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts"
+  command: docker exec -i nova-controller.service nova-manage cell_v2 discover_hosts
   delegate_to: "{{ hostvars[groups['nova-controller'][0]]['ansible_hostname'] }}"

roles/nova-compute/templates/nova-compute.service

@@ -11,9 +11,8 @@ ExecStartPre=-/usr/bin/docker rm %n
 ExecStart=/usr/bin/docker run --name %n \
     -e "GLANCE_CONTROLLER_HOST={{ hostvars[groups['glance-controller'][0]]['listen_ip'] | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}" \
     -e "KEYSTONE_HOST={{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}" \
-    -e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}" \
     -e "MEMCACHED_HOST={{ hostvars[groups['memcached'][0]]['listen_ip'] | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}" \
-    -e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}" \
+    -e "MY_IP={{ hostvars[groups['nova-compute'][0]]['listen_ip'] | default(hostvars[groups['nova-compute'][0]]['ansible_default_ipv4']['address']) }}" \
     -e "MYSQL_HOST={{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}" \
     -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}" \
     -e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}" \
@@ -34,7 +33,6 @@ ExecStart=/usr/bin/docker run --name %n \
     --add-host=keystone:{{ hostvars[groups['keystone'][0]]['listen_ip'] | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }} \
     --add-host=mariadb:{{ hostvars[groups['databases'][0]]['listen_ip'] | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }} \
     --privileged \
-    -v /dev:/dev \
     -v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
     -v /var/lib/nova/instances:/var/lib/nova/instances \
     -v /lib/modules:/lib/modules \

roles/nova-controller/tasks/main.yml

@@ -19,12 +19,11 @@
     env_vars: >
         -e "GLANCE_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['glance-controller'][0]]['ansible_default_ipv4']['address']) }}"
         -e "KEYSTONE_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "METADATA_SECRET={{ secrets['METADATA_SECRET'] }}"
         -e "MEMCACHED_HOST={{ listen_ip | default(hostvars[groups['memcached'][0]]['ansible_default_ipv4']['address']) }}"
-        -e "MY_IP={{ listen_ip | default(ansible_default_ipv4.address) }}"
+        -e "MY_IP={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"
         -e "MYSQL_HOST={{ listen_ip | default(hostvars[groups['databases'][0]]['ansible_default_ipv4']['address']) }}"
         -e "MYSQL_ROOT_PASSWORD={{ secrets['MYSQL_ROOT_PASSWORD'] }}"
-        -e "NEUTRON_CONTROLLER_HOST={{ hostvars[groups['neutron-controller'][0]]['listen_ip'] | default(hostvars[groups['neutron-controller'][0]]['ansible_default_ipv4']['address']) }}"
+        -e "NEUTRON_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['keystone'][0]]['ansible_default_ipv4']['address']) }}"
         -e "NEUTRON_PASSWORD={{ secrets['NEUTRON_PASSWORD'] }}"
         -e "NEUTRON_USER=neutron"
         -e "NOVA_CONTROLLER_HOST={{ listen_ip | default(hostvars[groups['nova-controller'][0]]['ansible_default_ipv4']['address']) }}"

roles/nova-controller/templates/nova-controller.service

@@ -15,7 +15,6 @@ ExecStart=/usr/bin/docker run --name %n \
   --privileged \
   -v /srv/nova-controller/root:/root \
   -p 8774:8774 \
-  -p 8775:8775 \
   -p 8778:8778 \
   -p 6080:6080 \
   {{ docker_image }} /etc/run.sh

roles/rabbitmq/files/rabbitmq.service

@@ -14,7 +14,7 @@ ExecStart=/usr/bin/docker run \
           --add-host "{{ host }}:{{ hostvars[host]['listen_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}" \
 {% endfor %}
           -p 4369:4369 -p 25679:25679 -p 25672:25672 -p 5671-5672:5671-5672 -p 8080:15672 \
-          -e "RABBITMQ_DEFAULT_USER=openstack" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
+          -e "RABBITMQ_DEFAULT_USER=user" -e "RABBITMQ_DEFAULT_PASS={{ secrets['RABBIT_PASSWORD'] }}" \
           -e "RABBITMQ_ERLANG_COOKIE={{ secrets['RABBITMQ_ERLANG_COOKIE'] }}" \
           -e "RABBITMQ_NODENAME=rabbit_{{ ansible_nodename }}" \
           --hostname "{{ ansible_nodename }}" --name %n rabbitmq:3-management

roles/rabbitmq/tasks/main.yml

@@ -37,3 +37,11 @@
       - rabbitmqctl start_app
   when: ansible_nodename != hostname_node0
 
+- name: create openstack user
+  command: "docker exec -i rabbitmq.service {{ item }}"
+  with_items:
+      - rabbitmqctl add_user openstack "{{ secrets['RABBIT_PASSWORD'] }}"
+      - rabbitmqctl set_permissions openstack ".*" ".*" ".*"
+  when: ansible_nodename == hostname_node0
+  register: command_result
+  failed_when: "command_result.rc not in (0, 70)"

secrets.yml

@@ -1,32 +1,30 @@
 $ANSIBLE_VAULT;1.1;AES256
-35616361313539616462356335646363623938366465306461313030373933636533346262363934
-3363636363313264626338666264303736626566623738300a363034653230613037656634616464
-35613639633237616232306336373436616230636536313566386131636566623436313061396637
-6537343234333636320a356466393539616234613766623635333132636566303732663166396365
-35343063393438306435653331386232396132613239383130646637623839313530376534333434
-39636465636361353937613133366239666462633735643438623139383438616431323332363464
-62373463393531636561326532663737653236316663383838636564646264353663343736306663
-38383866383466313864623037313663313334666261653330613763653562366163323436336466
-64616133643862316339626266326434626339646461356235333062623665376534306533623839
-36646661326133613435663066386430346333326164643138396130313138376566393539656665
-39643134383663613761613839656362623932316235643138326332623934373733326364313762
-62643030336230646530346233653334663936333965616263613236663238663031336331323664
-38653466623734373735666330303636663965663633376461303464353138393233653864623231
-39343539343136313736393838333563346534336430393436663634643364643264373237313862
-35313035666133393535383630663635313533653534626661613465636236306462346632656437
-65383839616263373462323737316263373161353036366162633366326565663035663862393463
-32623466653237663538626238613264656631633830666435343264343338333934356662323761
-66666566353838633334316336396338666332343730626130396435363131363834363436343066
-30663137646561616665643636326665343535653937386566663364353761633061366134356561
-31363831316636353732316134623835643936326636373635376539666531313664306663306362
-30643038396261366335626335366661613063626361323933663364373564623238663265646361
-39653330306562646164343836316336363534303139663335333862646633343434333336613564
-66346434626538306462623463666132356539613962646437366436666434613764613331303566
-37306531326434666666616630336232343937393066316565653539396664353139643330633764
-39343036626366316339353737383561323532343965633536633964366235396530316462316331
-38343338303764636331363436616530316564383233643962343539363564326465663434386262
-30666465636337636335303864373836363561623036363939326161313430366162663839343739
-35393630666139383035613462653630393133656265613665363939636539393834396333396538
-33633330353163386430353038656431643763626263383764636237303133383033666537306235
-36343139643164626562616563643562313865396464616336353432613639633264336639383236
-373735393064636436326435643962383864
+35643437313834633532373265366630663035336231306639623561613765386332663334343237
+3339363162303463353437326331656532336138373066620a623137643762383532376361353364
+37646236386466353636396535376463333133323664316634663466663164303063383830653039
+3535666361303562630a316137376531636537383138663662373865383431343035646539356137
+38323866643831353537366630363333663865383261633938346664633362343661343839383766
+66363733356333303334323136376136353738376362376231353338343763663131363731343639
+61383138626235633663666430383964616239363035663663646133636434363032626633663865
+30663732646630393163653461626435333463396463333236313930346461626364626166386365
+66323736316230376165666366363136666533376335316132343361393532616536383965363339
+30376362356665633630393561653532613139366236663961643864383738353430666562623730
+34663166393665653265663836623731386235633062306562373935633737363639383336303539
+37663763623664623038316438356138363134646230643261646262353163333430616462393866
+31666233636233356464633436626637313633623736343264613037353432386131393964386663
+36353236613662633764366437306461316138366461653731373436613039346663663536653362
+38656636303935626563303732666261373665303035333661643865393166653330646336393961
+31646539396131626464313733383638656438613530663166393035343630353764313232323432
+34386334666231323261343765623636313032373835396332623037613866613636393038653266
+36336531356534633933383432646663663364376130386239613836336263623161326563346661
+33636232313866613662353661373533383138393434396338343934326333326238336638396462
+65376133343038313437343934373265333632663133653133656130636533663237623839623634
+35363764363763363465363437623964363362616261663166633066373033633864336532633031
+32323733616562663031303230383561373637326436336462363461313532623262653866323862
+34643631333533626537373538353564306261313035303530666462326534633638363932363037
+65336230373034643966656561303164373463353638316632613431643535303930373334383134
+38323731363535313065326330653666323934636466386238616664316635303333653631396639
+39303737613361653862343964303231393164346134633366633262326230643137303331373231
+31323832363937663935333737613133323265323863623933633962633230386339636432643937
+66653763376663666637353738646565343835333937343765356539383734316231623466343634
+30663135663938393561333133663737653635393432333534306466366332333338

secrets.yml.topol

@@ -9,5 +9,3 @@ OS_PASSWORD:   # Keystone admin password
 OS_DEMO_PASSWORD: # Keystone demo user password
 RABBIT_PASSWORD:
 RABBITMQ_ERLANG_COOKIE:
-CINDER_PASSWORD:
-HEAT_PASSWORD:

site.yml

@@ -11,5 +11,4 @@
 - include: cinder-storage.yml
 - include: nova-compute.yml
 - include: horizon.yml
-- include: heat.yml
 - include: post-install.yml

test_hosts

@@ -17,9 +17,6 @@ ansible-test
 ansible-test-2
 ansible-test-3
 
-[cinder-storage]
-ansible-test
-
 [memcached]
 ansible-test-3
 
@@ -31,6 +28,3 @@ ansible-test
 
 [nova-compute]
 ansible-test-2 physical_interface_mappings=provider:ens10
-
-[heat]
-ansible-test